我需要将签名的XML文件发送给巴西的政府机构.问题是我的Java代码计算的摘要(使用Java XML数字签名API与使用XMLSEC等其他工具生成的摘要不同).
这是我用来为某些XML节点生成XML签名的代码:
private synchronized void sign(XmlObject obj) throws Exception {
initKeystore();
XMLSignatureFactory fac = XMLSignatureFactory.getInstance("DOM");
List<Transform> transformList = new ArrayList<Transform>();
Transform envelopedTransform = fac.newTransform(Transform.ENVELOPED, (TransformParameterSpec) null);
Transform c14NTransform = fac.newTransform("http://www.w3.org/TR/2001/REC-xml-c14n-20010315",
(TransformParameterSpec) null);
transformList.add(envelopedTransform);
transformList.add(c14NTransform);
Reference ref = fac.newReference("", fac.newDigestMethod(DigestMethod.SHA1, null),
Collections.singletonList(fac.newTransform(Transform.ENVELOPED, (TransformParameterSpec) null)), null,
null);
SignedInfo si = fac.newSignedInfo(
fac.newCanonicalizationMethod(CanonicalizationMethod.INCLUSIVE, (C14NMethodParameterSpec) null),
fac.newSignatureMethod(SignatureMethod.RSA_SHA1, null), Collections.singletonList(ref));
KeyStore ks = KeyStore.getInstance("PKCS12");
ks.load(new FileInputStream(System.getProperty("javax.net.ssl.keyStore")),
System.getProperty("javax.net.ssl.keyStorePassword").toCharArray());
KeyStore.PrivateKeyEntry keyEntry = (KeyStore.PrivateKeyEntry) ks.getEntry("entry",
new KeyStore.PasswordProtection(System.getProperty("javax.net.ssl.keyStorePassword").toCharArray()));
X509Certificate cert = (X509Certificate) …pip install xmlsec在 macOS Big Sur 11.3.1 中运行时,我收到以下信息:
Building wheels for collected packages: xmlsec
Building wheel for xmlsec (PEP 517) ... error
ERROR: Command errored out with exit status 1:
command: /Users/davidmasip/.pyenv/versions/3.9.9/bin/python3.9 /Users/davidmasip/.pyenv/versions/3.9.9/lib/python3.9/site-packages/pip/_vendor/pep517/in_process/_in_process.py build_wheel /var/folders/ff/3y2196b13bq0nbm3_ms25nyh0000gp/T/tmpm51b1yso
cwd: /private/var/folders/ff/3y2196b13bq0nbm3_ms25nyh0000gp/T/pip-install-qm2a1dud/xmlsec_cd7a81ea26444cc4b8ae24acd3ec379d
Complete output (65 lines):
running bdist_wheel
running build
running build_py
creating build
creating build/lib.macosx-11.3-x86_64-cpython-39
creating build/lib.macosx-11.3-x86_64-cpython-39/xmlsec
copying src/xmlsec/py.typed -> build/lib.macosx-11.3-x86_64-cpython-39/xmlsec
copying src/xmlsec/tree.pyi -> build/lib.macosx-11.3-x86_64-cpython-39/xmlsec
copying src/xmlsec/__init__.pyi -> build/lib.macosx-11.3-x86_64-cpython-39/xmlsec
copying src/xmlsec/constants.pyi -> build/lib.macosx-11.3-x86_64-cpython-39/xmlsec
copying src/xmlsec/template.pyi -> build/lib.macosx-11.3-x86_64-cpython-39/xmlsec
running build_ext
building 'xmlsec' extension
creating …试图使用maven使用cxf + wss4j.在没有任何编译问题的情况下创建了服务和客户端.该服务在tomcat中运行良好.
问题:
当我运行客户端代码时,我得到"java.lang.NoSuchMethodError:org.apache.xml.security.utils.I18n.init(Ljava/util/ResourceBundle;)V".这个类在xmlsec jar中,它带有cxf发行版.
服务项目的pom.xml:
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>userNameTokenService</groupId>
<artifactId>userNameTokenService</artifactId>
<version>0.0.1-SNAPSHOT</version>
<packaging>war</packaging>
<dependencies>
<dependency>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-rt-frontend-jaxws</artifactId>
<version>3.0.0</version>
</dependency>
<dependency>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-rt-transports-http</artifactId>
<version>3.0.0</version>
</dependency>
<dependency>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-rt-ws-security</artifactId>
<version>3.0.0</version>
</dependency>
<dependency>
<groupId>org.apache.ws.security</groupId>
<artifactId>wss4j</artifactId>
<version>1.6.15</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-web</artifactId>
<version>3.2.6.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-context</artifactId>
<version>3.2.6.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-core</artifactId>
<version>3.2.6.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-beans</artifactId>
<version>3.2.6.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-expression</artifactId>
<version>3.2.6.RELEASE</version>
</dependency>
</dependencies>
<build>
<pluginManagement>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-war-plugin</artifactId>
<configuration>
<webXml>WebContent\WEB-INF\web.xml</webXml>
</configuration>
</plugin>
</plugins>
</pluginManagement>
</build>
</project> …我尝试从终端以本地模式安装 Rasa X 时遇到错误。使用Python 3.7.4和pip版本21.3.1。使用Mac。
Building wheels for collected packages: xmlsec
Building wheel for xmlsec (pyproject.toml) ... error
ERROR: Command errored out with exit status 1:
Complete output (14 lines):
running bdist_wheel
running build
running build_py
package init file 'src/xmlsec/__init__.py' not found (or not a regular file)
creating build
creating build/lib.macosx-10.9-x86_64-3.7
creating build/lib.macosx-10.9-x86_64-3.7/xmlsec
copying src/xmlsec/py.typed -> build/lib.macosx-10.9-x86_64-3.7/xmlsec
copying src/xmlsec/tree.pyi -> build/lib.macosx-10.9-x86_64-3.7/xmlsec
copying src/xmlsec/__init__.pyi -> build/lib.macosx-10.9-x86_64-3.7/xmlsec
copying src/xmlsec/constants.pyi -> build/lib.macosx-10.9-x86_64-3.7/xmlsec
copying src/xmlsec/template.pyi -> build/lib.macosx-10.9-x86_64-3.7/xmlsec
running build_ext
error: Unable to invoke pkg-config. …我试图用xmlsec1实用程序验证XML(附在问题的底部)签名.但是,在执行命令时
xmlsec1 --verify test.xml
我正在跟踪堆栈跟踪:
func = xmlSecXPathDataExecute:file = xpath.c:line = 273:obj = unknown:subj = xmlXPtrEval:error = 5:libxml2库函数失败:expr = xpointer(id('uuid-73c06e86-88d2-4204-91f4-3d484bc782cc' ))func = xmlSecXPathDataListExecute:file = xpath.c:line = 373:obj = unknown:subj = xmlSecXPathDataExecute:error = 1:xmlsec库函数失败:func = xmlSecTransformXPathExecute:file = xpath.c:line = 483:obj = xpointer :subj = xmlSecXPathDataExecute:error = 1:xmlsec库函数失败:func = xmlSecTransformDefaultPushXml:file = transforms.c:line = 2411:obj = xpointer:subj = xmlSecTransformExecute:error = 1:xmlsec库函数失败:func = xmlSecTransformCtxXmlExecute:file = transforms.c:line = 1242:obj = unknown:subj = xmlSecTransformPushXml:error = 1:xmlsec库函数失败:transform = xpointer func = xmlSecTransformCtxExecute:file = transforms.c:line = 1302:obj = …
pip install xmlsec 命令抛出以下错误。
ERROR: Command errored out with exit status 1:
command: /home/xxx/PycharmProjects/saml_impl/saml_impl/venv/bin/python /home/sathia/PycharmProjects/saml_impl/saml_impl/venv/lib/python3.8/site-packages/pip/_vendor/pep517/_in_process.py build_wheel /tmp/tmpu_b5m5vz
cwd: /tmp/pip-install-gblz98sr/xmlsec
Complete output (14 lines):
running bdist_wheel
running build
running build_py
package init file 'src/xmlsec/__init__.py' not found (or not a regular file)
creating build
creating build/lib.linux-x86_64-3.8
creating build/lib.linux-x86_64-3.8/xmlsec
copying src/xmlsec/py.typed -> build/lib.linux-x86_64-3.8/xmlsec
copying src/xmlsec/template.pyi -> build/lib.linux-x86_64-3.8/xmlsec
copying src/xmlsec/constants.pyi -> build/lib.linux-x86_64-3.8/xmlsec
copying src/xmlsec/__init__.pyi -> build/lib.linux-x86_64-3.8/xmlsec
copying src/xmlsec/tree.pyi -> build/lib.linux-x86_64-3.8/xmlsec
running build_ext
error: Unable to invoke pkg-config.
----------------------------------------
ERROR: Failed building wheel for xmlsec …C语言中是否有可用的库来验证XML签名?我只能从http://santuario.apache.org/cindex.html找到一个C++库.
我正在尝试使用pyxmlsec/xmlsec/libxml2签署XML文件,但它失败了(sigCtx->signValueNode == NULL:error=100:assertion).
当我从命令行运行时它运行顺利:
xmlsec1 sign --output signed.xml --pkcs12 c.pfx --pwd mypwd tobesigned.xml
我的Python代码:
libxml2.initParser()
libxml2.substituteEntitiesDefault(1)
xmlsec.init()
xmlsec.cryptoAppInit(None)
xmlsec.cryptoInit()
doc_xml = libxml2.parseMemory(xml, len(xml))
signature_node = xmlsec.findNode(
doc_xml.getRootElement(),
xmlsec.NodeSignature,
xmlsec.DSigNs,
)
signer = xmlsec.DSigCtx()
key = xmlsec.cryptoAppKeyLoad(
filename=str(self.issuer.certificate.path),
format=xmlsec.KeyDataFormatPkcs12,
pwd=str(self.issuer.certificate_password),
pwdCallback=None,
pwdCallbackCtx=None,
)
signer.signKey = key
signer.sign(signature_node) # error!
...
完整错误跟踪:
func=xmlSecDSigCtxProcessSignatureNode:file=xmldsig.c:line=463:obj=unknown:subj=dsigCtx->signValueNode == NULL:error=100:assertion:
func=xmlSecDSigCtxSign:file=xmldsig.c:line=303:obj=unknown:subj=xmlSecDSigCtxSigantureProcessNode:error=1:xmlsec library function failed:
有小费吗?
谢谢!
我正在尝试使用封装签名和javax.xml.crypto.dsig.*类来签署xml文件.因此,我获得了具有正确签名内容但未定义命名空间的文件.如何添加xmlns:ds ="http://www.w3.org/2000/09/xmldsig#"命名空间和相应的ds前缀?我没有看到任何可以定义它的地方.
示例代码:
XMLSignatureFactory xmlSignatureFactory = XMLSignatureFactory.getInstance("DOM");
(...)
XMLSignature signature = xmlSignatureFactory.newXMLSignature(signedInfo, keyInfo);
// Marshal, generate, and sign the enveloped signature.
signature.sign(domSignContext);
给出了示例XML:
<?xml version="1.0" encoding="UTF-8"?>
<test xmlns="http://different.namespace.com">
<someBody/>
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
<SignedInfo>
<CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
<SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<Reference URI="">
<Transforms>
<Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<DigestValue>base64_digest</DigestValue>
</Reference>
</SignedInfo>
<SignatureValue>some_base64</SignatureValue>
<KeyInfo>
<X509Data>
<X509SubjectName>subject_data</X509SubjectName>
<X509Certificate>some_more_base64</X509Certificate>
</X509Data>
<KeyValue>
<RSAKeyValue>
<Modulus>another_base64</Modulus>
<Exponent>base64_as_well</Exponent>
</RSAKeyValue>
</KeyValue>
</KeyInfo>
</Signature>
</test>
但我想要:
<?xml version="1.0" encoding="UTF-8"?>
<test xmlns="http://different.namespace.com" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<someBody/>
<ds:Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<ds:Reference URI="">
<ds:Transforms> …我正在使用 djangosaml2 和 pysaml2 使用 SAML 进行 sso 身份验证。
Pysaml2 需要 xmlsec1 来进行安全断言。
我可以在 ubuntu 14.04 上安装 xmlsec1。一切正常。
对于 windows 平台,我无法安装 xmlsec1 库。
我尝试过的-
1 从https://www.zlatkovic.com/libxml.en.html下载的 Windows 二进制文件 2 当我尝试访问它时,出现 libltdl-7.dll 丢失错误